<?php
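// Start (or resume) the PHP session; the admin gate further down reads $_SESSION.
// NOTE(review): no cookie parameters are set here, so the session cookie's HttpOnly,
// Secure and SameSite attributes come from php.ini. Confirm them, since credentialed
// cross-origin requests are allowed below.
session_start();

// Origins that may call this API cross-origin.
// NOTE(review): the two http://localhost entries look like development origins. Because
// credentials are allowed for every listed origin, confirm they are wanted in production.
$allowed_origins = array(
    'http://localhost:5173',
    'http://localhost',
    'https://wx-hwbl.z-yd.cn'
);

// Origin header of the current request ('' when the header is absent).
$origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';

// The CORS headers depend on the request's Origin, so tell caches to key on it.
// Otherwise a cached response could carry the Access-Control-Allow-Origin value meant
// for a different origin. The second argument appends instead of replacing any Vary header.
header('Vary: Origin', false);

// Emit CORS headers only for an exact, type-strict match against the allowlist.
// The echoed value is therefore always one of the literals above, never arbitrary input.
if (in_array($origin, $allowed_origins, true)) {
    header("Access-Control-Allow-Origin: $origin");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
    header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Token, access_token, Access-Token');
}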

// CORS preflight: answer OPTIONS with an empty 204 and stop before any routing happens.
// Any CORS headers for an allowed origin have already been queued earlier in this script;
// a request from an unlisted origin gets the 204 without them.
if ('OPTIONS' === $_SERVER['REQUEST_METHOD']) {
    header('HTTP/1.1 204 No Content');
    exit;
}

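// Path part of the request: everything before the first "?".
// $arr and $uri are kept as globals because the files required further down execute in
// this same scope and may read them.
$arr = explode("?", $_SERVER['REQUEST_URI']);
$uri = $arr[0];

// Static HTML entry points. Both include targets are fixed literals; nothing taken from
// the request is used to build a file path.
if ($uri === "/index") {
    include("home.html");
    exit;
}

if ($uri === "/") {
    include("index.html");
    exit;
}

// Every request that reaches this point is answered as JSON. The "/" case has already
// exited above, so the former `$uri != "/"` test was always true and has been dropped.
header("Content-type: application/json; charset=utf-8");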

// Admin gate: a path containing "/api/admin/" requires a logged-in admin session. The only
// exemption is the exact path "/api/admin/login".
// The substring test covers more paths than a strict prefix test would, so it errs on the
// side of demanding a login. Only the presence of $_SESSION['admin_user'] is checked, not
// its value.
// NOTE(review): the comparison runs on the raw path taken from REQUEST_URI. Confirm the
// router matches routes on the same un-normalized string; if it is more lenient than this
// check (letter case, repeated slashes, percent-encoding), the two can disagree about
// which requests are admin routes.
// NOTE(review): the rejection is sent with the default HTTP status and signals failure only
// through "code": 500 in the body. A 401 status would be clearer for clients and log
// tooling, but changing it affects the front end.
if (
    $uri != "/api/admin/login"
    && strpos($uri, "/api/admin/") !== false
    && !isset($_SESSION['admin_user'])
) {
    // Same payload as before: {"msg": "请先登录", "code": 500}
    echo json_encode(array('msg' => "请先登录", 'code' => 500));
    exit;
}

// Load the framework and the API modules, in this order. They run only for requests that
// were not already answered above (preflight, the two HTML pages, a rejected admin call)
// and they execute in the global scope, so $uri, $origin and $_SESSION are visible to them.
// NOTE(review): the gate earlier in this file covers only paths containing "/api/admin/".
// Whatever the cnApi/user/* modules expose is not covered by it and presumably has to
// enforce its own access checks; verify in those files.
require 'cnFrame/Frame.php';
require 'cnApi/admin/user.php';
require 'cnApi/admin/upload.php';
require 'cnApi/admin/template.php';
require 'cnApi/admin/release.php';
require 'cnApi/user/release.php';
require 'cnApi/user/user.php';
require 'cnApi/admin/details.php';
require 'cnApi/admin/statistics.php';
require 'cnApi/admin/categories.php';
require 'cnApi/user/video.php';
?>
